Cisco IOS TCL and RCMD testing and troubleshooting scripting

Ripped off from  www.NetMasterClass.net  -ReadIt (Technical Library) item at right

The following paper does not claim to be a complete treatise on TCL. Instead, it describes how the TCL shell on a Cisco router can be used to automate some testing tasks during a typical lab exam. If you require more information about TCL, you should make use of a number of tutorials on the web, or one of the many books on the subject.

Somewhere during any successful CCIE lab attempt it will be necessary to test the reachability of addresses from each device in your testbed. Some students use cut and paste techniques coupled with Notepad to ping the address of interest. Unfortunately, there are numerous drawbacks to this technique. Often, students have to manually change terminal windows to issue pings on each device. In addition, the student has to tweak the terminal program settings in order to avoid filling the console buffer on the router. In short, Notepad cut and paste isnít the most carefree way to look for routing problems in a lab environment.

Coupling TCL (tool command language) with the RCMD facility on a Cisco router allows a single router to rapidly send an entire string of ping commands to a list of routers without overloading the input buffer. Furthermore, the script can automatically assemble a list of addresses used in the topology, and it will send the pings to the correct router without manual intervention from the student.

Checking reachability on a router requires the following steps:

1. Select a router that can actually execute the TCL script. TCL runs on 2600, 3600, and 7500 series routers, but seems to be unavailable on 2500 and 4000/4500/4700 series routers and Catalyst 3500s.

Note that TCL can send ping commands to routers even if the receiving routers cannot themselves run TCL. As long as you have one device that supports the TCL shell software, these techniques will work.

2. Select an address on each router that will allow the TCL script to contact that particular device. Insure that the router that will be running the TCL script can successfully ping these addresses. Select an interface on the router running the TCL script that will be used as a TCL source address. Make sure that all other routers can reach this address.

3. Configure the necessary RCMD commands on the router running the TCL script as well as on the rest of the routers in the topology.

4. Using TCL assemble a list of all of the IP addresses used on all links in your topology. Manually edit the output so that it can be used in the subsequent TCL ping script.

5. Create, debug, and run the script to ping the collected addresses.

Here are the steps that I use to accomplish the aforementioned tasks.

The test topology contains routers R1, R2, and R3. All routers contain IP addresses that are fully reachable from all of the other routers. Each router contains a loopback address configured along the lines of 172.16.10N.1/24 where N is the router number. R1 is a 2621XM router, and contains the necessary IPS code to support TCL commands.

1. First configure R1 with the following RCMD commands:

r1#

Conf t

Int lo101

Ip addr 172.16.101.1 255.255.255.0

No shu

Ip rcmd rsh-enable

Ip rcmd remote-host r1 172.16.101.1 r1 enable

Ip rcmd source-interface lo101

Configure r2 and r3 in a similar fashion. The RCMD source-interface command is not necessary on these two.

r2#

conf t

int lo102

ip addr 172.16.102.1 255.255.255.0

ip rcmd rsh-enable

ip rcmd remote-host r1 172.16.101.1 r1 enable

2. Collect the IP addresses that need to be tested for reachability. Use the following script to accomplish this task. Type the script exactly as shown. Moving {} or spaces will cause the script to fail.

Also note the space after the "^" in the following script. Examining the output from the "sh ru" command demonstrates that IOS always indents the line "ip address x.x.x.x" by a single space when it sits below the interface command. This space does not exist when searchingfor the hostname keyword in the same running config.

r1#

tclsh

foreach router {

172.16.101.1

172.16.102.1

172.16.103.1

} {

rsh $router show run | include \^ ip address \[0-9]

}

Note:  This script requires either that the router names be entered into DNS or that IP domain-lookup be disabled.

This script will produce output that looks something lie this:

ip address 172.16.101.1 255.255.255.0

ip address 172.16.10.129 255.255.255.128

ip address 172.16.123.1 255.255.255.128

ip address 172.16.21.1 255.255.255.128

ip address 172.16.16.1 255.255.255.128

ip address 172.16.10.1 255.255.255.128

ip address 172.16.20.2 255.255.255.128

ip address 172.16.123.2 255.255.255.128

ip address 172.16.21.2 255.255.255.128

ip address 172.16.200.126 255.255.255.128

ip address 172.16.30.3 255.255.255.128

ip address 172.16.123.2 255.255.255.128

ip address 172.16.34.3 255.255.255.128

ip address 172.16 35.3 255.255.255.128

(The spaces between the above sets of addresses shows where the $router variable changed from one entry in the foreach list to the next. As a result the first set of IP addresses comes from r1, the second from r2, and the third from r3.)

3. Pating this output into Notepad and using the Search/Replace capability, remove everything except the IP addresses. Following editing the above output will look as follows:

172.16.101.1 255.255.255.0

172.16.10.129 255.255.255.128

172.16.123.1 255.255.255.128

172.16.21.1 255.255.255.128

172.16.16.1 255.255.255.128

172.16.10.1 255.255.255.128

172.16.20.2 255.255.255.128

172.16.123.2 255.255.255.128

172.16.21.2 255.255.255.128

172.16.200.126 255.255.255.128

172.16.30.3 255.255.255.128

172.16.123.2 255.255.255.128

172.16.34.3 255.255.255.128

172.16 35.3 255.255.255.128

4. Createe a TCL script to ping each of these addresses from each of the routers in our topology as follows:

R1#

tclsh

foreach router {

172.16.101.1

172.16.102.1

172.16.103.1

} {

puts "\n\n\n\n\n\n\n\n\n\n\n"

set hostname [rsh $router show run | include \^hostname]

puts "Changing Router to $hostname"

puts ""

puts "*****************************************************"

foreach address {

172.16.101.1 255.255.255.0

172.16.10.129 255.255.255.128

172.16.123.1 255.255.255.128

172.16.21.1 255.255.255.128

172.16.16.1 255.255.255.128

172.16.10.1 255.255.255.128

172.16.20.2 255.255.255.128

172.16.123.2 255.255.255.128

172.16.21.2 255.255.255.128

172.16.200.126 255.255.255.128

172.16.30.3 255.255.255.128

172.16.123.2 255.255.255.128

172.16.34.3 255.255.255.128

172.16 35.3 255.255.255.128

} {

puts "\n\n\n"

puts $hostname

puts $address

rsh $router ping $address

}

}

Te above script will produce output similar to the following. Note that the addresses above donít match the output below because this output came from a different testbed:

Changing Router to hostname r1

************************************************

 

hostname r1

172.16.10.129

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.10.129, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

hostname r1

172.16.123.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.10.129, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

 

This script makes it very easy to identify reachability problems in the topology. Issuing a "ping" via RSH achieves a rapid response from the router actually executing the ping. This means that when pings are successfully reaching their target, each set of pings for individual addresses will occur with machine gun rapidity. Itís only when a ping fails that the speed of the command execution slows to a halt. When watching the execution of the script, successful pings will occur almost too rapidly to read the actual script output. When a ping fails, however, it will be easy to identify the failing address and from where the ping actually originated.

The script only uses the "puts" command, and the "set hostname" command to format the output into something that is easy to read. It also allows immediate identification of which router and which address is pinging at any given time.